Add better error logging on all api endpoints

example-docker-compose.yml

@@ -7,9 +7,6 @@ services:
           - .env
         build:
           context: .
-          args:
-            WEB_USER: ${WEB_USER}
-            WEB_PWD: ${WEB_PWD}
         ports:
           - '4433:4433/tcp'
           - '7080:7080/tcp'

internal/router/bpf.go

@@ -6,6 +6,7 @@ import (
 	"encoding/hex"
 	"errors"
 	"fmt"
+	"log"
 	"math"
 	"net"
 	"strings"
@@ -607,13 +608,18 @@ func GetRules() (map[string]FirewallRules, error) {
 			return nil, err
 		}
 
-		res := hashToUsername[hex.EncodeToString(deviceStruct.user_id[:])]
+		res, ok := hashToUsername[hex.EncodeToString(deviceStruct.user_id[:])]
+		if !ok {
+			log.Println("[ERROR] Device links to unknown user UI (not found in db): ", hex.EncodeToString(deviceStruct.user_id[:]))
+			continue
+		}
 
 		fwRule := result[res]
 		fwRule.Devices = append(fwRule.Devices, fwDevice{IP: net.IP(ipBytes).String(), Authorized: isAuthed(net.IP(ipBytes).String()), Expiry: deviceStruct.sessionExpiry, LastPacketTimestamp: deviceStruct.lastPacketTime})
 
 		if err := xdpObjects.AccountLocked.Lookup(deviceStruct.user_id, &fwRule.AccountLocked); err != nil {
-			return nil, err
+			log.Println("[ERROR] User ID was not properly in firewall map: ", hex.EncodeToString(deviceStruct.user_id[:]), " err: ", err)
+			continue
 		}
 
 		var innerMapID ebpf.MapID
@@ -622,7 +628,8 @@ func GetRules() (map[string]FirewallRules, error) {
 		if err == nil {
 			fwRule.Policies, err = iterateSubmap(innerMapID)
 			if err != nil {
-				return nil, err
+				log.Println("[ERROR] User had no policies: ", hex.EncodeToString(deviceStruct.user_id[:]), " err: ", err)
+				continue
 			}
 
 		}

ui/ui_webserver.go

@@ -1117,7 +1117,10 @@ func registrationTokens(w http.ResponseWriter, r *http.Request) {
 		}
 
 		for _, token := range tokens {
-			ctrl.DeleteRegistration(token)
+			err := ctrl.DeleteRegistration(token)
+			if err != nil {
+				log.Println("Error deleting registration token: ", token, "err:", err)
+			}
 		}
 		w.Write([]byte("OK"))
 
@@ -1257,7 +1260,10 @@ func manageUsers(w http.ResponseWriter, r *http.Request) {
 		}
 
 		for _, user := range usernames {
-			ctrl.DeleteUser(user)
+			err := ctrl.DeleteUser(user)
+			if err != nil {
+				log.Println("Error deleting user: ", user, "err: ", err)
+			}
 		}
 		w.Write([]byte("OK"))
 
@@ -1319,9 +1325,15 @@ func devicesMgmt(w http.ResponseWriter, r *http.Request) {
 		for _, address := range action.Addresses {
 			switch action.Action {
 			case "lock":
-				ctrl.LockDevice(address)
+				err := ctrl.LockDevice(address)
+				if err != nil {
+					log.Println("Error locking device: ", address, " err:", err)
+				}
 			case "unlock":
-				ctrl.UnlockDevice(address)
+				err := ctrl.UnlockDevice(address)
+				if err != nil {
+					log.Println("Error unlocking device: ", address, " err:", err)
+				}
 			default:
 				http.Error(w, "invalid action", 400)
 				return
@@ -1340,7 +1352,10 @@ func devicesMgmt(w http.ResponseWriter, r *http.Request) {
 		}
 
 		for _, address := range addresses {
-			ctrl.DeleteDevice(address)
+			err := ctrl.DeleteDevice(address)
+			if err != nil {
+				log.Println("Error Deleting device: ", address, "err:", err)
+			}
 		}
 		w.Write([]byte("OK"))